Vendor Risk Professional

About The Position

Requirements

• 5+ years of related experience in Vendor Management, Risk Management or similar field.
• Bachelor's degree or equivalent experience required; Bachelor's degree in related field preferred.
• Intermediate knowledge of general banking or financial services is preferred.
• Intermediate knowledge of applicable regulatory and legal compliance obligations, rules and regulations, industry standards and practices.
• Intermediate experience with FFIEC auditing regulations, or similar financial industry requirements is strongly preferred.
• Experience with risk control processes, ideally in a financial service industry preferred.
• Intermediate exposure to Risk Management Technology Platforms (i.e. ProcessUnity, Venminder, SAI360, RSA-Archer).
• Experience building Risk Control Self-Assessment (RCSA), TPRM, Application Control Testing, SOX compliance Testing, Vulnerability Analysis, Change Management, and Data Cryptography.
• Knowledge and skills of Microsoft Office Suite.
• Intermediate speaking and writing communication skills.
• Certified Regulatory Vendor Program Management (CRVPM) Level 1 preferred; Certified Third Party Risk Professional (CTPRP) preferred.

Responsibilities

• Support Third-Party Management Services (TPMS) and assist senior risk professionals.
• Manage the full life cycle for third-party management processes from onboarding to managing existing third-party relationships.
• Build risk assessments, assess controls, and review third-parties based on required regulations.
• Evaluate third-parties and build rating-based risk profiles.
• Facilitate due diligence questionnaires and obtain various approvals for assigned supplier portfolio category.
• Monitor requirements in accordance with the defined framework.
• Work with various risk control partners such as Information Security/IT, Fraud, Business Continuity, Compliance, Privacy, and Legal.
• Manage daily third-party management operations.
• Ensure adherence to the Third-Party Management Policy by reviewing and maintaining third-party documentation.
• Serve as a single point of contact for TPMS related questions and issues.
• Build close relationships with business owners to understand their strategy or direction.
• Facilitate contract review between business partners, third-parties, and legal.
• Prepare documents and support internal/external discussions regarding third-party management issues.
• Leverage standard frameworks such as NIST, ISO, COBIT to recommend mitigating controls.
• Work with Legal to define and build contract term playbook library.
• Assist in tracking and reporting of score cards and SLAs.
• Develop, implement, monitor, and report performance measures that demonstrate value.
• Act as a primary liaison with the business and TPRM 2nd Line to build risk assessment and required control.
• Assist procurement services teams to ensure compliance with Third-Party management policy.

Benefits

• Competitive salaries
• Ownership stake in the company
• Medical and dental insurance
• Time off
• Great 401k matching program
• Tuition assistance program
• Employee volunteer program
• Wellness program